show aaa group name
Field | Description | ||
---|---|---|---|
Group name |
The AAA server group name. |
||
Context |
The context name. |
||
Diameter config: |
|||
Authentication: |
|||
Dictionary |
The Diameter dictionary used for authentication.
|
||
Endpoint name |
The Diameter endpoint used for authentication. |
||
Max-transmissions |
The maximum number of transmission attempts for Diameter authentication. |
||
Max-retries |
The number of retry attempts for Diameter authentication requests. |
||
Request-timeout |
The Diameter authentication request timeout period. |
||
Redirect-host-avp |
Indicates whether to use just one returned AVP, or use the first returned AVP as selecting the primary host and the second returned AVP as selecting the secondary host. |
||
Upgrade-dict-avps |
Displays the upgrade-dict-avps attribute value if configured in AAA group. If not configured, this field displays the default value. |
||
Strip-leading-digit user-name |
Displays whether or not the stripping of leading digit from User-Name AVP is enabled or disabled. |
||
Accounting: |
|||
Dictionary |
The Diameter dictionary used for accounting.
|
||
Endpoint name |
The Diameter endpoint used for accounting. |
||
Max-transmissions |
The maximum number of transmission attempts for Diameter accounting. |
||
Max-retries |
The number of retry attempts for Diameter accounting requests. |
||
Request-timeout |
The Diameter accounting request timeout period. |
||
HD-mode |
Displays the HD-mode value if configured in AAA group. If not configured, this field displays the default value. |
||
HD-policy |
Displays the HD-storage-policy value if configured in AAA group. If not configured, this field displays the default value. |
||
Upgrade-dict-avps |
The Diameter accounting request timeout period. |
||
SDC-Integrity |
Indicates whether or not the SDC Integrity feature is enabled. This feature is used to protect the integrity of SDCs on Rf interface.
|
||
Radius Config: |
|||
Dictionary |
The RADIUS dictionary. |
||
Strip-domain |
Indicates whether the domain is stripped from the user name prior to authentication or accounting. |
||
Authenticator-validation |
Indicates whether the MD5 authentication of RADIUS user is enabled. |
||
Allow authentication-down |
Indicates whether the system allows subscriber sessions when RADIUS authentication is unavailable. |
||
Allow accounting-down |
Indicates whether the system allows subscriber sessions when RADIUS accounting is unavailable. |
||
Attributes: |
|||
Nas-identifier |
The attribute name by which the system is identified in Access-Request messages. |
||
Nas-ip |
The AAA interface IP address(es) used to identify the system. |
||
Nas-ip backup |
The IP address of the secondary interface to use in the current context. |
||
Nexthop |
The next hop IP address for this NAS IP address. |
||
MPLS-label |
Indicates the MPLS label used for traffic from the specified RADIUS client NAS IP address. |
||
VRF |
The Virtual Routing and Forwarding (VRF) Context instance associated with this AAA group. |
||
Authentication |
|||
called-station-id |
Indicates whether RADIUS authentication attribute for called station id is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
calling-station-id |
Indicates whether RADIUS authentication attribute for calling station id is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
imsi |
Indicates whether RADIUS authentication attribute for IMSI is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-pdp-type |
Indicates whether RADIUS authentication attribute for 3GPP PDP type is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-cg-address |
Indicates whether RADIUS authentication attribute for 3GPP CG address is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-gprs-qos-negotiated-profile |
Indicates whether RADIUS authentication attribute for 3GPP GPRS QoS negotiated profile is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-sgsn-address |
Indicates whether RADIUS authentication attribute for 3GPP SGSN address is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-ggsn-address |
Indicates whether RADIUS authentication attribute for 3GPP GGSN address is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-imsi-mcc-mnc |
Indicates whether RADIUS authentication attribute for 3GPP IMSI MCC MNC is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-ggsn-mcc-mnc |
Indicates whether RADIUS authentication attribute for 3GPP GGSN MCC MNC is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-nsapi |
Indicates whether RADIUS authentication attribute for 3GPP NSAPI is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-select-mode |
Indicates whether RADIUS authentication attribute for 3GPP select mode is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-charging-characteristics |
Indicates whether RADIUS authentication attribute for 3GPP charging characteristics is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-sgsn-mcc-mnc |
Indicates whether RADIUS authentication attribute for 3GPP SGSN MCC MNC is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-imeisv |
Indicates whether RADIUS authentication attribute for 3GPP imeisv is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-rat-type |
Indicates whether RADIUS authentication attribute for 3GPP RAT type is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-user-location-info |
Indicates whether RADIUS authentication attribute for 3GPP user location information is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-ms-timezone |
Indicates whether RADIUS authentication attribute for 3GPP ms timezone is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
Accounting |
|||
called-station-id |
Indicates whether RADIUS accounting attribute for called station id is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
calling-station-id |
Indicates whether RADIUS accounting attribute for calling station id is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
acct-input-octets |
Indicates whether RADIUS accounting attribute for accounting input octets is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
acct-input-packets |
Indicates whether RADIUS accounting attribute for accounting input packets is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
acct-session-time |
Indicates whether RADIUS accounting attribute for accounting session time is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
acct-output-octets |
Indicates whether RADIUS accounting attribute for accounting output octets is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
acct-output-packets |
Indicates whether RADIUS accounting attribute for accounting output packets is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
event-timestamp |
Indicates whether RADIUS accounting attribute for event timestamp is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
imsi |
Indicates whether RADIUS accounting attribute for IMSI is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-charging-id |
Indicates whether RADIUS accounting attribute for 3GPP charging ID is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-pdp-type |
Indicates whether RADIUS accounting attribute for 3GPP PDP type is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-cg-address |
Indicates whether RADIUS accounting attribute for 3GPP CG address is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-gprs-qos-negotiated-profile |
Indicates whether RADIUS accounting attribute for 3GPP GPRS QoS negotiated profile is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-sgsn-address |
Indicates whether RADIUS accounting attribute for 3GPP SGSN address is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-ggsn-address |
Indicates whether RADIUS accounting attribute for 3GPP GGSN address is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-imsi-mcc-mnc |
Indicates whether RADIUS accounting attribute for 3GPP IMSI MCC MNC is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-ggsn-mcc-mnc |
Indicates whether RADIUS accounting attribute for 3GPP GGSN MCC MNC is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-nsapi |
Indicates whether RADIUS accounting attribute for 3GPP NSAPI is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-select-mode |
Indicates whether RADIUS accounting attribute for 3GPP select mode is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-charging-characteristics |
Indicates whether RADIUS accounting attribute for 3GPP charging characteristics is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-sgsn-mcc-mnc |
Indicates whether RADIUS accounting attribute for 3GPP SGSN MCC MNC is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-imeisv |
Indicates whether RADIUS accounting attribute for 3GPP imeisv is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-rat-type |
Indicates whether RADIUS accounting attribute for 3GPP RAT type is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-user-location-info |
Indicates whether RADIUS accounting attribute for 3GPP user location information is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
3gpp-ms-timezone |
Indicates whether RADIUS accounting attribute for 3GPP ms timezone is enabled. The attribute must also be supported in the configured RADIUS dictionary. |
||
Authentication: |
|||
Algorithm |
The RADIUS authentication server selection algorithm for the current context. |
||
Deadtime |
The time period to wait before changing the state of a RADIUS server from "Down" to "Active", in minutes. |
||
Max-outstanding |
The maximum number of messages a AAA manager will queue. |
||
Max-retries |
The maximum number of times communication with a AAA server is attempted before it is marked as "Not Responding" and the detect dead server's consecutive failures count is incremented. |
||
Max-transmissions |
The maximum number of re-transmissions for RADIUS authentication requests. |
||
Timeout |
The time period to wait for a response from the RADIUS server before re-sending the messages, in seconds. |
||
Apn-to-be-included |
The APN name included for RADIUS authentication. |
||
Authenticate null-username |
Indicates whether authentication of user names that are blank or empty is enabled. |
||
Probe: |
|||
Interval |
The time period between two RADIUS authentication probes. |
||
Timeout |
The timeout period for HAGR to wait for a response for RADIUS authentication probes. |
||
Max-retries |
The maximum number of retries for RADIUS authentication probe response. |
||
Keepalive: |
|||
Interval |
The time period between two keepalive access requests. |
||
Timeout |
The time period between two keepalive access request retries. |
||
Retries |
The number of times the keepalive access request is sent before marking the server as unreachable. |
||
consecutive-response |
The number of consecutive authentication responses after which the server is marked as reachable. |
||
Username |
The user name used for authentication. |
||
Calling-station-id |
The calling station ID used for keepalive authentication. |
||
Password |
The password used for authentication. |
||
Allow access-reject |
Indicates whether both access-accept and access-reject are considered as success for the keepalive authentication request. |
||
Detect-dead-server: |
|||
Consecutive-failures |
The number of consecutive failures, for any AAA manager, before a server's state is changed from "Active" to "Down". |
||
Response-timeout |
The time period for any AAA manager to wait for a response to any message before a server's state is changed from "Active" to "Down", in seconds. |
||
Keepalive |
Indicates whether the AAA server alive-dead detect mechanism based on sending keepalive authentication messages to all authentication servers is enabled. |
||
Accounting: |
|||
Algorithm |
The RADIUS accounting server selection algorithm for the current context. |
||
Deadtime |
The time period to wait before changing the state of a RADIUS server from "Down" to "Active", in minutes. |
||
Fire-And-Forget |
Displays whether or not the Fire-and-Forget feature is enabled in the AAA Group configuration. |
||
Max-outstanding |
The maximum number of messages a AAA manager will queue. |
||
Max-retries |
The maximum number of times communication with a AAA server will be attempted before it is marked as "Not Responding" and the detect dead server's consecutive failures count is incremented. |
||
Max-transmissions |
The maximum number of re-transmissions for RADIUS accounting requests. |
||
Max-pdu-size |
The maximum sized packet data unit which can be accepted/generated, in bytes. |
||
Interim-timeout |
The timeout period for sending accounting INTERIM-UPDATE records, in seconds. |
||
Interim-downlink-volume |
The downlink volume limit that triggers RADIUS interim accounting, in bytes. |
||
Interim-uplink-volume |
The uplink volume limit that triggers RADIUS interim accounting, in bytes. |
||
Interim-total-volume |
The total volume limit for RADIUS interim accounting, in bytes. |
||
Timeout |
The time period to wait for a response from a RADIUS server before retransmitting a request. |
||
Remote-address |
Indicates whether remote IP address lists are configured, and collection of accounting data for the addresses in those lists on a per-subscriber basis is enabled. |
||
Archive |
Indicates whether archiving of RADIUS Accounting messages in the system after the accounting message has exhausted retries to all available RADIUS Accounting servers is enabled. |
||
Apn-to-be-included |
The APN name included for RADIUS accounting. |
||
R-P originated: |
|||
Trigger active-start |
Indicates whether when an Active-Start is received from the PCF and there has been a parameter change, an R-P event occurs. |
||
Trigger active-handoff |
Indicates whether when an Active PCF-to-PFC Handoff occurs, a single or two R-P events will occur (one for the Connection Setup, and the second for the Active-Start). |
||
Trigger active-stop |
Indicates whether when an Active-Stop is received from the PCF, an R-P event occurs. |
||
Trigger policy |
the overall accounting policy for R-P sessions. |
||
Trigger stop-start |
Indicates whether a stop/start RADIUS accounting pair is sent to the RADIUS server when an applicable R-P event occurs. |
||
Handoff policy |
The overall accounting policy for R-P sessions. |
||
TOD |
The time of day a RADIUS event is generated for accounting. |
||
GTP originated: |
|||
Trigger policy |
The RADIUS accounting policy for GTP. |
||
MIP HA: |
|||
Policy |
The RADIUS accounting policy for Mobile IP HA calls. |
||
Keepalive: |
|||
Interval |
The time period between the two keepalive access requests. |
||
Timeout |
The time period between each keepalive access request retries. |
||
Retries |
The number of times the keepalive access request is sent before marking the server as unreachable. |
||
consecutive-response |
The number of consecutive authentication response after which the server is marked as reachable. |
||
Username |
The user name used for authentication. |
||
Calling-station-id |
The calling station ID used for keepalive authentication. |
||
Framed-ip-address |
The framed-ip-address used for keepalive accounting. |
||
Detect-dead-server: |
|||
Consecutive-failures |
The number of consecutive failures, for any AAA manager, before a server's state is changed from "Active" to "Down". |
||
Response-timeout |
The time period for any AAA manager to wait for a response to any message before a server's state is changed from "Active" to "Down", in seconds. |
||
Keepalive |
Indicates whether the AAA server alive-dead detect mechanism based on sending keepalive authentication messages to all authentication servers is enabled. |
||
Charging: |
|||
Auth-algorithm |
The RADIUS authentication algorithm. |
||
Acct-algorithm |
The RADIUS accounting algorithm. |
||
Deadtime |
The time period to wait before changing the state of a RADIUS server from "Down" to "Active", in minutes. |
||
Max-outstanding |
The maximum number of messages a AAA manager will queue. |
||
Max-retries |
The maximum number of times communication with a AAA server will be attempted before it is marked as "Not Responding" and the detect dead server's consecutive failures count is incremented. |
||
Max-transmissions |
The maximum number of re-transmissions for RADIUS requests. |
||
Timeout |
The time period to wait for a response from a RADIUS server before retransmitting a request. |
||
Detect-dead-server: |
|||
Consecutive-failures |
The number of consecutive failures, for any AAA manager, before a server's state is changed from "Active" to "Down". |
||
Response-timeout |
The time period for any AAA manager to wait for a response to any message before a server's state is changed from "Active" to "Down", in seconds. |